0

LDAP MD5 Cert Error on RHEL/CentOS 6.4+

With the update of nss-3.14.0 LDAP stopped using the MD5 signed certificate. nss-3.14.0 update deems that MD5 as unsecure. The change causes authentication of users using LDAP to fail. There are 4 possible ways to fix this problem 1) update the LDAP certificate to use other type of encryption than MD5 2) modify each kernel line in /etc/grub.conf to add support for MD5 and also in create nss.sh in /etc/profile.d in /etc/grub.conf add to the end of each kernel line systemd.setenv=NSS_HASH_ALG_SUPPORT=+MD5 in /etc/profile.d create nss.sh with export NSS_HASH_ALG_SUPPORT=+MD5 REBOOT 3) export the correct options to /etc/sysconfig/init in /etc/sysconfig/init add export… Continue Reading